CVE-2021-27039
HIGHAutoCAD < 2022.1.1 - Out-of-bounds Write via TIFF and PCX File Parsing
Title source: llmDescription
A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004
Scores
CVSS v3
7.8
EPSS
0.0026
EPSS Percentile
49.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (6)
autodesk/autocad
< 2022.1.1
autodesk/design_review
2011
autodesk/design_review
2012
autodesk/design_review
2013
autodesk/design_review
2017
autodesk/design_review
2018
Published
Jul 09, 2021
Tracked Since
Feb 18, 2026